How to remove Trojan horse generic_r.EXT


  • This topic is locked
8 replies to this topic

#1 sumi1


Posted 11 July 2015 - 05:45 AM

I have Windows Vista and AVG antivirus on the system. In one of the scans, AVG detected Trojan horse generic_r.EXT. It quarantines the said virus but does not remove it. On every scan, AVG detects the same virus and quarantines it. 

 

I have used Microsoft Security Essential, Microsoft Safety scanner, Adwcleaner, Combofix and they all were not able to detect this virus. Apparently AVG does a good job of detecting it but not removing it. What do I do?

How do I remove this virus? Please help.


Edited by sumi1, 11 July 2015 - 06:49 AM.




#2 sumi1


Posted 12 July 2015 - 02:50 AM

I still have the problem and the issue has not been solved. Help.

 

I have Windows Vista and AVG antivirus on the system. In one of the scans, AVG detected Trojan horse generic_r.EXT. It quarantines the said virus but does not remove it. On every scan, AVG detects the same virus and quarantines it. 

 

I have used Microsoft Security Essential, Microsoft Safety scanner, Adwcleaner, Combofix and they all were not able to detect this virus. Apparently AVG does a good job of detecting it but not removing it. What do I do?

How do I remove this virus? Please help.



#3 sumi1


Posted 12 July 2015 - 03:24 AM

Here are the results of Farbar Recovery Scan Tool

 

FRST Text

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2015
Ran by Suman (administrator) on SUMAN-PC on 12-07-2015 13:25:12
Running from C:\Users\Suman\Downloads
Loaded Profiles: Suman (Available Profiles: Suman)
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_04e021df\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_04e021df\AEstSrv.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Devguru Co., Ltd.) C:\Windows\System32\dgdersvc.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
() C:\Windows\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
() C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe
(Venturi Wireless) C:\Program Files\Netbooster Client\Client\VentC.exe
(SQUID Web Proxy Cache - http://www.squid-cache.org/) C:\Program Files\Netbooster Client\squid\ventcsquid.exe
(SQUID Web Proxy Cache - http://www.squid-cache.org/) C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
(SQUID Web Proxy Cache - http://www.squid-cache.org/) C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
(SQUID Web Proxy Cache - http://www.squid-cache.org/) C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
(SQUID Web Proxy Cache - http://www.squid-cache.org/) C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
(SQUID Web Proxy Cache - http://www.squid-cache.org/) C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
(SQUID Web Proxy Cache - http://www.squid-cache.org/) C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
(SQUID Web Proxy Cache - http://www.squid-cache.org/) C:\Program Files\Netbooster Client\squid\ventcunlinkd.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Venturi Wireless) C:\Program Files\Netbooster Client\Configurator\ventcfg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
() C:\Program Files\MBlaze UI\bin\App.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [217088 2008-01-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [OnScreenDisplay] => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554288 2007-11-02] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-04-24] (CyberLink Corp.)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-03-14] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-16] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Venturi Configurator] => C:\Program Files\Netbooster Client\Configurator\ventcfg.exe [959880 2007-08-14] (Venturi Wireless)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [DpAgent] => C:\Program Files\DigitalPersona\Bin\dpagent.exe [842816 2009-12-01] (DigitalPersona, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-09] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-05] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [442433 2008-04-29] (IDT, Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3730344 2015-06-30] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1132745403-967859864-2404794970-1003\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1132745403-967859864-2404794970-1003\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [226904 2007-07-13] (Macrovision Corporation)
HKU\S-1-5-21-1132745403-967859864-2404794970-1003\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3365176 2010-09-09] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1132745403-967859864-2404794970-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-1132745403-967859864-2404794970-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [220672 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1132745403-967859864-2404794970-1003\...\InprocServer32: [Default-pngfilt]  <==== ATTENTION!
 
Lsa: [Notification Packages] scecli DPPWDFLT
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2011-11-03]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2008-09-25]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Suman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2011-11-28]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Suman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\y.lnk [2015-05-07]
ShortcutTarget: y.lnk -> C:\Users\Suman\AppData\Roaming\obrvaquzdt.exe (Miva Merchant)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1132745403-967859864-2404794970-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1132745403-967859864-2404794970-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1132745403-967859864-2404794970-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1132745403-967859864-2404794970-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1132745403-967859864-2404794970-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-1132745403-967859864-2404794970-1003 -> {DD3972E8-78A0-4031-A5FE-FCBA2EC1CCEB} URL = http://search.avg.com/route/?d=4b04f6ef&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-12-01] (DigitalPersona, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-10-25] (Sun Microsystems, Inc.)
BHO: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03] (AOL LLC)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-01] (Skype Technologies S.A.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-10-25] (Sun Microsystems, Inc.)
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03] (AOL LLC)
Toolbar: HKU\S-1-5-21-1132745403-967859864-2404794970-1003 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03] (AOL LLC)
Toolbar: HKU\S-1-5-21-1132745403-967859864-2404794970-1003 -> No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-01] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\..\Interfaces\{2C817DB7-4685-470B-B5E7-618B358C9B3B}: [NameServer] 10.228.1.113 10.228.1.114
Tcpip\..\Interfaces\{92877C11-655E-46F3-9699-E2D9574DB46D}: [DhcpNameServer] 192.168.42.129
 
FireFox:
========
FF ProfilePath: C:\Users\Suman\AppData\Roaming\Mozilla\Firefox\Profiles\nky6ouuf.default
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2008-03-20] (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre6\bin\dtplugin\npDeployJava1.dll [2012-09-24] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-09-24] (Sun Microsystems, Inc.)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2008-11-05] (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/npracplug;version=1.0.0.0 -> C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll [2005-04-28] (RealNetworks)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-23] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-23] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1132745403-967859864-2404794970-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\Suman\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1132745403-967859864-2404794970-1003: @talk.google.com/O1DPlugin -> C:\Users\Suman\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1132745403-967859864-2404794970-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-1132745403-967859864-2404794970-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-1132745403-967859864-2404794970-1003: @yahoo.com/BrowserPlus,version=2.4.21 -> C:\Users\Suman\AppData\Local\Yahoo!\BrowserPlus\2.4.21\Plugins\npybrowserplus_2.4.21.dll [2009-11-13] (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Suman\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Suman\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF HKU\S-1-5-21-1132745403-967859864-2404794970-1003\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\firefoxext
FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\firefoxext [2009-12-09]
 
Chrome: 
=======
CHR Profile: C:\Users\Suman\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Suman\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-01]
CHR Extension: (Google Wallet) - C:\Users\Suman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-25]
StartMenuInternet: chrome.exe - C:\Users\Suman\AppData\Local\Google\Chrome\Application\chrome.exe
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2011-11-03] () [File not signed]
R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_04e021df\aestsrv.exe [73728 2008-02-13] (Andrea Electronics Corporation)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3518376 2015-06-30] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [314304 2015-06-30] (AVG Technologies CZ, s.r.o.)
R2 dgdersvc; C:\Windows\system32\dgdersvc.exe [95568 2010-09-09] (Devguru Co., Ltd.)
R2 DpHost; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [322624 2009-12-01] (DigitalPersona, Inc.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-07-02] (Macrovision Europe Ltd.) [File not signed]
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [217088 2010-09-09] (Teruten) [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [361808 2008-04-26] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_04e021df\STacSV.exe [221239 2008-04-29] (IDT, Inc.)
R2 UDisk Monitor; C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe [512000 2013-04-17] () [File not signed]
R2 VenturiClient; C:\Program Files\Netbooster Client\Client\ventc.exe [2475360 2007-08-14] (Venturi Wireless)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
U2 vToolbarUpdater18.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [231856 2015-06-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [190944 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [29664 2015-05-14] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [207328 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [170464 2015-06-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [213984 2015-05-12] (AVG Technologies CZ, s.r.o.)
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [127248 2006-12-15] (Deterministic Networks, Inc.)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2010-09-09] () [File not signed]
R3 Generalusbserialser20679; C:\Windows\System32\DRIVERS\CT_U_USBSER.sys [108544 2013-03-05] (Incorporated)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [100224 2010-04-27] (MCCI Corporation)
R3 vwinter; C:\Windows\system32\drivers\vwinter.sys [47392 2007-04-30] (Venturi Wireless, Inc.)
R3 vwredir; C:\Windows\system32\drivers\vwredir.sys [85792 2007-04-30] (Venturi Wireless, Inc.)
S3 zteusbser; C:\Windows\System32\DRIVERS\CT_ZTEMT_U_USBSER.sys [104320 2008-09-01] (ZTEMT Incorporated)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
U4 Bcgp30at; No ImagePath
S3 catchme; \??\C:\Users\Suman\AppData\Local\Temp\catchme.sys [X]
U1 eabfiltr; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-12 13:25 - 2015-07-12 13:28 - 00023949 _____ C:\Users\Suman\Downloads\FRST.txt
2015-07-12 13:24 - 2015-07-12 13:25 - 00000000 ____D C:\FRST
2015-07-12 13:21 - 2015-07-12 13:21 - 01634816 _____ (Farbar) C:\Users\Suman\Downloads\FRST.exe
2015-07-11 14:25 - 2015-07-11 14:29 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Suman\Downloads\SpyHunter-Installer (1).exe
2015-07-11 13:51 - 2015-07-11 13:55 - 05023976 _____ (AVG Technologies) C:\Users\Suman\Downloads\avg_isc_stb_all_2015_ltst_206.exe
2015-07-10 21:07 - 2015-07-10 21:11 - 00000000 ____D C:\Users\Suman\Downloads\avg_arl_ffi_all_120_150511a9757
2015-07-10 21:04 - 2015-07-10 21:04 - 00001860 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-07-10 21:04 - 2015-07-10 21:04 - 00001854 _____ C:\Users\Public\Desktop\WinZip.lnk
2015-07-10 21:04 - 2015-07-10 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-07-10 21:04 - 2015-07-10 21:04 - 00000000 ____D C:\Program Files\WinZip
2015-07-10 20:44 - 2015-07-11 17:52 - 00001228 _____ C:\Windows\PFRO.log
2015-07-10 20:37 - 2015-07-10 20:37 - 00014755 _____ C:\ComboFix.txt
2015-07-10 20:10 - 2011-06-26 12:15 - 00256000 _____ C:\Windows\PEV.exe
2015-07-10 20:10 - 2010-11-07 22:50 - 00208896 _____ C:\Windows\MBR.exe
2015-07-10 20:10 - 2009-04-20 10:26 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-10 20:10 - 2000-08-31 05:30 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-10 20:10 - 2000-08-31 05:30 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-10 20:10 - 2000-08-31 05:30 - 00098816 _____ C:\Windows\sed.exe
2015-07-10 20:10 - 2000-08-31 05:30 - 00080412 _____ C:\Windows\grep.exe
2015-07-10 20:10 - 2000-08-31 05:30 - 00068096 _____ C:\Windows\zip.exe
2015-07-09 20:14 - 2015-07-09 20:15 - 02244096 _____ C:\Users\Suman\Downloads\adwcleaner_4.207.exe
2015-07-09 19:20 - 2015-07-09 20:29 - 00000000 ____D C:\AdwCleaner
2015-07-09 19:17 - 2015-07-09 19:18 - 02244096 _____ C:\Users\Suman\Downloads\adwcleaner-4-207-multi-win.exe
2015-07-06 20:08 - 2015-07-06 20:56 - 209270288 _____ C:\Users\Suman\Downloads\avg_arl_ffi_all_120_150511a9757.zip
2015-07-06 19:30 - 2015-07-06 19:30 - 00000000 ____D C:\found.000
2015-07-04 21:33 - 2015-07-04 21:33 - 00000714 _____ C:\Windows\setupact.log
2015-07-04 21:33 - 2015-07-04 21:33 - 00000000 _____ C:\Windows\setuperr.log
2015-07-04 18:59 - 2015-07-04 19:04 - 51812576 _____ (Microsoft Corporation) C:\Users\Suman\Downloads\Windows-KB890830-V5.25.exe
2015-07-03 19:41 - 2015-07-04 16:53 - 00000000 ____D C:\Users\Suman\Downloads\stinger
2015-07-02 21:27 - 2015-07-02 21:27 - 00019358 _____ C:\Windows\system32\.crusader
2015-07-02 20:52 - 2015-07-03 19:22 - 00000000 ____D C:\Program Files\HitmanPro
2015-07-02 20:51 - 2015-07-02 21:28 - 00000000 ____D C:\ProgramData\HitmanPro
2015-07-02 18:57 - 2015-07-02 18:58 - 482351576 _____ C:\registry backup.reg
2015-07-01 19:47 - 2015-07-01 19:53 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Suman\Downloads\SpyHunter-Installer.exe
2015-06-27 21:41 - 2015-06-27 21:44 - 05630589 ____R (Swearware) C:\Users\Suman\Downloads\ComboFix.exe
2015-06-27 19:47 - 2015-06-27 19:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-27 19:29 - 2015-06-27 19:38 - 01638400 _____ (Malwarebytes Corporation ) C:\Users\Suman\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-26 09:49 - 2015-06-26 09:49 - 00231856 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2015-06-23 20:07 - 2015-06-23 20:57 - 172555024 _____ (Microsoft Corporation) C:\Users\Suman\Downloads\msert.exe
2015-06-23 19:38 - 2015-07-11 17:44 - 00000842 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-06-23 19:38 - 2015-07-11 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-06-23 19:32 - 2015-06-23 19:32 - 00000000 ___HD C:\$AVG
2015-06-23 19:06 - 2015-06-23 19:10 - 05017688 _____ (AVG Technologies) C:\Users\Suman\Downloads\avg_free_stb_all_2015_ltst_284.exe
2015-06-21 14:18 - 2015-04-24 21:24 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-21 14:10 - 2015-05-21 19:52 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-21 14:09 - 2015-05-09 04:38 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-21 13:47 - 2015-05-05 04:20 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-21 13:46 - 2015-05-05 04:21 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-21 13:46 - 2015-05-05 04:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-21 13:46 - 2015-05-05 04:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-21 13:46 - 2015-05-05 02:51 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-16 20:17 - 2015-05-14 16:04 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-16 20:17 - 2015-05-14 16:04 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-16 20:17 - 2015-05-14 16:04 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-16 20:17 - 2015-05-14 16:04 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-16 20:17 - 2015-05-14 16:04 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-06-16 20:17 - 2015-05-14 16:02 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-06-16 20:17 - 2015-05-14 16:00 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2015-06-16 20:17 - 2015-05-14 16:00 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-16 20:17 - 2015-05-14 15:59 - 06008832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-16 20:17 - 2015-05-14 15:59 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-16 20:17 - 2015-05-14 15:59 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-16 20:17 - 2015-05-14 15:59 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-06-16 20:17 - 2015-05-14 15:58 - 11085312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-16 20:17 - 2015-05-14 15:58 - 02006016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-16 20:17 - 2015-05-14 15:58 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-16 20:17 - 2015-05-14 15:58 - 00727552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-16 20:17 - 2015-05-14 15:58 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-16 20:17 - 2015-05-14 15:58 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-16 20:17 - 2015-05-14 15:58 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-16 20:17 - 2015-05-14 15:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-06-16 20:17 - 2015-05-14 15:58 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-16 20:17 - 2015-05-14 15:58 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-16 20:17 - 2015-05-14 15:58 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-06-16 20:17 - 2015-05-14 15:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-16 20:17 - 2015-05-14 15:56 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-16 20:17 - 2015-05-14 15:56 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-16 20:17 - 2015-05-14 15:56 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2015-06-16 20:17 - 2015-05-14 14:23 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-16 20:17 - 2015-05-14 12:35 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-16 20:17 - 2015-05-14 12:35 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-16 20:17 - 2015-05-14 12:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-06-16 20:17 - 2015-05-14 12:33 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-16 18:35 - 2015-06-16 18:35 - 00000000 ____D C:\Windows\Temp47886240-F9CE-6016-8924-80887DAAC20B-Signatures
2015-06-16 18:21 - 2015-06-16 18:21 - 00000000 ____D C:\Windows\Temp8ED74279-1494-4F58-B35D-6206150D4B4D-Signatures
2015-06-16 15:54 - 2015-06-16 15:54 - 00207328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-12 13:29 - 2013-02-25 23:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-12 13:28 - 2008-09-24 23:56 - 01557851 _____ C:\Windows\WindowsUpdate.log
2015-07-12 13:24 - 2009-07-01 21:06 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1132745403-967859864-2404794970-1003UA.job
2015-07-12 13:09 - 2006-11-02 16:03 - 00756780 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-12 13:02 - 2011-05-29 22:29 - 00000000 ____D C:\ProgramData\MFAData
2015-07-12 12:59 - 2008-09-25 00:51 - 00000286 _____ C:\Users\Public\Documents\hpqp.ini
2015-07-12 12:58 - 2014-11-14 19:47 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-12 12:56 - 2006-11-02 18:28 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-12 12:56 - 2006-11-02 18:15 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-12 12:56 - 2006-11-02 18:15 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-12 00:37 - 2008-09-24 23:55 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-07-12 00:37 - 2006-11-02 18:28 - 00032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-12 00:34 - 2012-08-18 21:44 - 00000000 ____D C:\Users\Suman\AppData\Roaming\vlc
2015-07-11 23:44 - 2014-11-14 19:47 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-11 21:24 - 2009-07-01 21:06 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1132745403-967859864-2404794970-1003Core.job
2015-07-11 20:25 - 2008-10-22 10:49 - 00009216 _____ C:\Users\Suman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-10 21:05 - 2008-12-24 21:04 - 00000000 ____D C:\ProgramData\WinZip
2015-07-10 21:05 - 2008-10-22 04:17 - 00000000 ____D C:\Users\Suman
2015-07-10 20:38 - 2013-05-03 19:07 - 00000000 ____D C:\Qoobox
2015-07-10 20:34 - 2006-11-02 15:53 - 00000215 _____ C:\Windows\system.ini
2015-07-09 19:10 - 2014-11-25 20:17 - 00000000 ____D C:\ProgramData\AVG2015
2015-07-03 22:58 - 2010-03-05 01:27 - 00000000 ____D C:\Windows\Minidump
2015-07-03 19:21 - 2013-04-24 18:34 - 00001945 _____ C:\Windows\epplauncher.mif
2015-06-28 20:53 - 2011-12-06 19:31 - 00000000 ____D C:\Users\Suman\AppData\Roaming\BitTorrent
2015-06-27 23:40 - 2013-02-25 23:15 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-27 23:40 - 2013-02-25 23:15 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-27 18:35 - 2013-05-04 20:19 - 00000000 ____D C:\Users\Suman\Downloads\Anti virus set ups
2015-06-26 21:46 - 2008-10-23 19:06 - 00000000 ____D C:\movies
2015-06-23 20:30 - 2014-11-14 20:02 - 00001927 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-23 13:27 - 2009-10-31 18:53 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-21 18:54 - 2006-11-02 18:14 - 00394008 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-21 17:50 - 2008-12-10 23:06 - 00000000 ____D C:\Users\Suman\AppData\Roaming\Skype
2015-06-21 14:14 - 2008-09-01 19:22 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-21 14:10 - 2006-11-02 16:48 - 00000000 ____D C:\Windows\rescache
2015-06-21 14:09 - 2013-07-30 22:55 - 00000000 ____D C:\Windows\system32\MRT
 
==================== Files in the root of some directories =======
 
2008-12-29 13:54 - 2008-12-29 13:53 - 0774144 _____ (RealNetworks, Inc.) C:\Program Files\RngInterstitial.dll
2015-05-07 20:02 - 2015-05-07 20:03 - 101101568 ____R (Miva Merchant) C:\Users\Suman\AppData\Roaming\obrvaquzdt.exe
2013-07-28 20:10 - 2014-09-20 12:26 - 0000091 _____ () C:\Users\Suman\AppData\Roaming\WB.CFG
2008-10-22 04:25 - 2008-10-22 04:25 - 0000000 _____ () C:\Users\Suman\AppData\Local\AtStart.txt
2009-06-30 22:04 - 2009-06-30 22:04 - 0000552 _____ () C:\Users\Suman\AppData\Local\d3d8caps.dat
2008-12-06 13:53 - 2015-06-06 12:26 - 0006648 _____ () C:\Users\Suman\AppData\Local\d3d9caps.dat
2008-10-22 10:49 - 2015-07-11 20:25 - 0009216 _____ () C:\Users\Suman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-12-29 14:11 - 2008-12-29 14:11 - 0000098 _____ () C:\Users\Suman\AppData\Local\DownloadLog.txt
2008-10-22 04:25 - 2008-10-22 04:25 - 0000000 _____ () C:\Users\Suman\AppData\Local\DSwitch.txt
2011-02-04 20:33 - 2011-02-04 20:33 - 0000000 _____ () C:\Users\Suman\AppData\Local\FnF4.txt
2008-10-22 04:25 - 2008-10-22 04:25 - 0000000 _____ () C:\Users\Suman\AppData\Local\QSwitch.txt
2008-12-10 23:11 - 2008-12-10 23:11 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2008-09-01 19:50 - 2008-09-01 19:51 - 0000372 _____ () C:\ProgramData\hpzinstall.log
 
Some files in TEMP:
====================
C:\Users\Suman\AppData\Local\temp\cdo1163903881.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-12 13:14
 
==================== End of log ============================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-07-2015
Ran by Suman at 2015-07-12 13:30:52
Running from C:\Users\Suman\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1132745403-967859864-2404794970-500 - Administrator - Disabled)
Guest (S-1-5-21-1132745403-967859864-2404794970-501 - Limited - Disabled)
Suman (S-1-5-21-1132745403-967859864-2404794970-1003 - Administrator - Enabled) => C:\Users\Suman
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.1.8210 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Photoshop Elements 6.0 (HKLM\...\Adobe Photoshop Elements 6) (Version: 6.0 - Adobe Systems Inc.)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
AOL Toolbar 5.0 (HKLM\...\AOL Toolbar) (Version: 5.2.69.1 - AOL LLC)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6081 - AVG Technologies)
AVG 2015 (Version: 15.0.4392 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6081 - AVG Technologies) Hidden
BitTorrent (HKLM\...\BitTorrent) (Version: 8.0.0 - BitTorrent Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.77.3 - Broadcom Corporation)
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CyberLink DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1519 - CyberLink Corp.)
DigitalPersona Personal 4.11 (HKLM\...\{47F3EDF5-C821-49E6-B9B3-D00BF0A9BAB8}) (Version: 4.11.3826 - DigitalPersona, Inc.)
Free Natural Text to Speech Reader 2008 (HKLM\...\{3E5DA526-F420-45A6-9F27-D2B5246D6823}) (Version: 7.0 - NaturalSoft Limited)
GOM Player (HKLM\...\GOM Player) (Version: 2.1.26.5021 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}) (Version: 5.7.0.2630 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version:  - )
HP Easy Setup - Frontend (HKLM\...\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}) (Version: 5.7.0.2630 - Hewlett-Packard)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.0.0 - Hewlett-Packard Company)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6202 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6202 - HP)
HP MULTIPLE MODEM INSTALLER for VISTA (HKLM\...\{45A136EC-88BF-4B95-99F5-C45D3930E1CC}) (Version: 1.0.0.30 - Hewlett Packard)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Quick Launch Buttons 6.40 D3 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 D3 - Hewlett-Packard)
HP QuickTouch 1.00 D2 (HKLM\...\{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}) (Version: 1.0.9 - Hewlett-Packard)
HP Total Care Advisor (HKLM\...\{f32502b5-5b64-4882-bf61-77f23edcac4f}) (Version: 2.1.3359.2635 - Hewlett-Packard)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP User Guides 0101 (HKLM\...\{22712FAD-DE04-4D50-82A6-3C7AC5D55AA2}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{340F521E-3576-4E1A-B75C-EB0ACF751379}) (Version: 3.00 J1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_Tattoo (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookHolidayPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookModernPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookPlayfulPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookScrapbookPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.5934.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java™ 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.370 - Oracle)
Java™ 6 Update 5 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.)
JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.11.02 - JMicron Technology Corp.)
Kies (HKLM\...\InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}) (Version: 1.4 - Samsung Electronics Co., Ltd.)
Kies (Version: 1.4 - Samsung Electronics Co., Ltd.) Hidden
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2719 - CyberLink Corp.)
MBlaze UI (HKLM\...\ZTEWireless-101_is1) (Version:  - )
Media Player Codec Pack 3.9.6 (HKLM\...\Media Player - Codec Pack) (Version:  - Media Player Codec Pack)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Reader (HKLM\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version:  - )
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MIKSOFT Mobile AMR converter (HKLM\...\MIKSOFT Mobile AMR converter_is1) (Version:  - MIKSOFT)
Mozilla Firefox 33.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 6.1 (HKLM\...\{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}) (Version: 6.10.050 - muvee Technologies)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.43 - WildTangent)
MyFreeCodec (HKLM\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-1132745403-967859864-2404794970-1003\...\MyFreeCodec) (Version:  - )
Netbooster (HKLM\...\{9C59FA2E-EEDA-41FA-90AC-F8FCBD032E85}) (Version: 4.3.0 - Reliance) <==== ATTENTION
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OutlookAddInNet3Setup (HKLM\...\{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}) (Version: 1.0.0 - Samsung)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3919 - CyberLink Corp.)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2719 - CyberLink Corp.)
PowerDirector (Version: 6.5.2719 - CyberLink Corp.) Hidden
ProtectSmart Hard Drive Protection (HKLM\...\{AAD72731-807A-4B79-AE05-9190B7002B7B}) (Version: 3.10 A7 - Hewlett-Packard)
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
QuickPlay SlingPlayer 0.4.6 (HKLM\...\SlingMedia.QPSlingPlayer_is1) (Version: 0.4.6 - SlingMedia)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Reliance Netconnect - Broadband+ (HKLM\...\Reliance Netconnect - Broadband+) (Version: 11.030.01.04.114 - Huawei Technologies Co.,Ltd)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.950.0 - SAMSUNG Electronics Co., Ltd.)
Skype Toolbars (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.5.7896 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Super File Shredder version 4.12 (HKLM\...\{C681E356-89A8-49D1-9621-29DC9A9F83A0}_is1) (Version: 4.12 - Kakasoft, Inc.)
Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Validity Sensors software (HKLM\...\{567E8236-C414-4888-8211-3D61608D57AE}) (Version: 2.7.39 - Validity Sensors, Inc.)
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.3 (HKLM\...\VLC media player) (Version: 2.0.3 - VideoLAN)
WinZip 12.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Yahoo! BrowserPlus (HKU\S-1-5-21-1132745403-967859864-2404794970-1003\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
ZTE CDMA1X MODEM (HKLM\...\ZTE_CDMA1X_CARD_USBHOST_is1) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{01B48E19-3C98-4B34-B679-86D14E74C2D8}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.21.95\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Suman\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{0713E8A8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{0713E8D2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{0713E8D8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\MSCOMCTL.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\MSCOMCTL.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{3050F4F5-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{30C3B080-30FB-11D0-B724-00AA006C1A01}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{31AC3F11-E5EA-4A85-8A3D-8E095A39C27B}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.2.131.27\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\MSCOMCTL.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{373FF7F4-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{3B7C8860-D78F-101B-B9B5-04021C009402}\InprocServer32 -> C:\Windows\system32\Richtx32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\Program Files\NaturalSoft\FreeVersion70\msinet.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{58C87B7C-EF54-46CD-88DA-F2E89E378462}\InprocServer32 -> C:\Program Files\NaturalSoft\FreeVersion70\DTray.ocx (Cabesa)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{58DA8D93-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{58DA8D96-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{5ACBB955-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{5ACBB956-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{5ACBB957-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{5ACBB958-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{6027C2D4-FB28-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{612A8624-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{612A8628-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{62823C20-41A3-11CE-9E8B-0020AF039CA3}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\MSCOMCTL.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{6A01FDA0-30DF-11D0-B724-00AA006C1A01}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{6B7E6393-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{6B7E63A3-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{78E5A540-1850-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\Richtx32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{7DA06D40-54A0-11CF-A521-0080C77A7786}\InprocServer32 -> C:\Windows\system32\tabctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\MSCOMCTL.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{9ED94440-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{9ED94444-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{A3CCEDF7-2DE2-11D0-86F4-00A0C913F750}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{AFC634B0-4B8B-11CF-8989-00AA00688B10}\InprocServer32 -> C:\Windows\system32\Richtx32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{B617B991-A767-4F05-99BA-AC6FCABB102E}\InprocServer32 -> C:\Windows\system32\Richtx32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{B66834C6-2E60-11CE-8748-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{BDC217C5-ED16-11CD-956C-0000C04E4C0A}\InprocServer32 -> C:\Windows\system32\tabctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\MSCOMCTL.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.26.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\MSCOMCTL.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{D7B70EE0-4340-11CF-B063-0020AFC2CD35}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\MSCOMCTL.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{DF2FCE13-25EC-45BB-9D4C-CECD47C2430C}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\MSCOMCTL.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{F6406B2D-39A7-4566-A174-E19DDD818A95}\InprocServer32 -> C:\Users\Suman\AppData\Local\Yahoo!\BrowserPlus\2.4.21\Plugins\YBPAddon_2.4.21.dll (Yahoo! Inc.)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{FDBA56A8-8FA7-41A3-97F4-A094019C4178}\InprocServer32 -> C:\Users\Suman\AppData\Local\Yahoo!\BrowserPlus\2.4.17\Plugins\YBPAddon_2.4.17.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Suman\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1132745403-967859864-2404794970-1003_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> No Filepath
 
==================== Restore Points =========================
 
02-07-2015 21:25:51 Checkpoint by HitmanPro
02-07-2015 21:26:45 Checkpoint by HitmanPro
03-07-2015 20:21:24 Windows Update
04-07-2015 11:29:58 Windows Update
04-07-2015 16:54:20 Windows Update
04-07-2015 19:23:28 Windows Update
04-07-2015 21:02:14 Windows Update
04-07-2015 21:35:32 Windows Update
05-07-2015 00:13:01 Windows Update
05-07-2015 14:38:45 Windows Update
08-07-2015 20:05:39 Windows Update
09-07-2015 19:47:21 Windows Update
10-07-2015 20:41:20 Windows Update
10-07-2015 20:58:31 Removed WinZip 12.0
10-07-2015 21:02:51 Installed WinZip 12.0
11-07-2015 17:37:32 Installed AVG 2015
12-07-2015 00:34:55 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 15:53 - 2013-05-03 19:25 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {07DF495C-81AC-439C-8BD7-43E6AEA4D41C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {37E03F49-865C-4220-869A-61BA39609748} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {4F053A76-71E3-427A-85C6-0C058A4D8323} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1132745403-967859864-2404794970-1003UA => C:\Users\Suman\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-05] (Google Inc.)
Task: {57DF13DC-11D6-4D79-8E5F-DE88F45B6F4E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1132745403-967859864-2404794970-1003Core => C:\Users\Suman\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-05] (Google Inc.)
Task: {5BCB9940-9252-4D26-ACC4-CD9D7D49BF04} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-14] (Google Inc.)
Task: {60379D37-A48B-41A5-AC68-017300E8AA15} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {727E69D3-EE5F-4A60-AEB3-75FA41297544} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-14] (Google Inc.)
Task: {8BA41A8F-D9F2-47AB-A120-415C052D7A79} - System32\Tasks\{03A58045-2B96-4994-8EDB-6130F53B3906} => pcalua.exe -a C:\Users\Suman\Documents\Downloads\youtubedownloader.exe -d C:\Users\Suman\Documents\Downloads
Task: {9F35F8F5-F394-4B2C-A8C3-329550B47127} - System32\Tasks\{F9F81284-DF7A-416E-B009-D09568F699F8} => pcalua.exe -a C:\Users\Suman\Documents\Downloads\3dfallingleavesawp.exe -d C:\Users\Suman\Documents\Downloads
Task: {ADACE5E4-1B62-4CD7-8E07-9FAC922FBC3C} - System32\Tasks\{8F1AA11E-DAEF-4D97-849A-2D0CE59D2AD0} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {B1063E24-2603-4B57-8138-DD110C7B7F8D} - System32\Tasks\{6DD74A55-A4FC-44CB-AB15-682A4D85A26D} => pcalua.exe -a C:\Users\Suman\Documents\Downloads\standardsetup.exe -d C:\Users\Suman\Documents\Downloads
Task: {B569BCC2-ACE5-4AA3-85D4-01450E2B8181} - System32\Tasks\{6E74FD48-141A-4744-8AF3-5BF8A4794436} => pcalua.exe -a "H:\IBSAT Preparation Kit\SETUP\SETUP.EXE" -d "H:\IBSAT Preparation Kit\SETUP"
Task: {D262940D-40E8-49C9-B4CD-B9FCB23170C2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-27] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1132745403-967859864-2404794970-1003Core.job => C:\Users\Suman\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1132745403-967859864-2404794970-1003UA.job => C:\Users\Suman\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{A8FC0BC2-20CB-4BD7-8945-9F7F6E75F03D}.job => C:\Windows\system32\msfeedssync.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2007-09-11 00:45 - 2007-09-11 00:45 - 00124832 _____ () C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
2008-09-01 20:25 - 2008-04-26 04:45 - 00361808 _____ () C:\Windows\SMINST\BLService.exe
2008-09-01 20:25 - 2007-11-15 05:16 - 00126976 _____ () C:\Windows\SMINST\STWmiM.dll
2008-09-01 20:18 - 2007-01-09 14:55 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2013-11-11 20:23 - 2013-04-17 17:21 - 00512000 _____ () C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe
2008-12-06 12:24 - 2007-08-14 17:52 - 00107800 _____ () C:\Program Files\Netbooster Client\Client\libj2k.dll
2008-12-06 12:24 - 2007-08-14 17:52 - 00070936 _____ () C:\Program Files\Netbooster Client\Client\MPI.dll
2008-12-06 12:24 - 2007-08-14 17:52 - 00087320 _____ () C:\Program Files\Netbooster Client\Client\ZLIB.dll
2008-12-06 12:24 - 2007-08-14 17:52 - 00091416 _____ () C:\Program Files\Netbooster Client\Client\HS_REGEX.dll
2008-12-06 12:24 - 2007-08-14 17:52 - 00197912 _____ () C:\Program Files\Netbooster Client\Configurator\xmlparse.dll
2008-05-13 11:40 - 2008-05-13 11:40 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2008-09-01 18:55 - 2008-04-11 21:34 - 00685360 _____ () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
2008-12-08 21:30 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files\Yahoo!\Messenger\yui.dll
2013-11-11 20:23 - 2013-04-17 17:29 - 13021184 _____ () C:\Program Files\MBlaze UI\bin\App.exe
2013-11-11 20:23 - 2013-04-17 17:21 - 00019456 _____ () C:\Program Files\MBlaze UI\bin\zfThreading.dll
2013-11-11 20:23 - 2013-04-17 17:21 - 00057344 _____ () C:\Program Files\MBlaze UI\bin\zfLogService.dll
2013-11-11 20:23 - 2013-04-17 17:21 - 00192512 _____ () C:\Program Files\MBlaze UI\bin\zfHelper.dll
2013-11-11 20:23 - 2013-03-05 16:07 - 00971776 _____ () C:\Program Files\MBlaze UI\bin\libxml2.dll
2013-11-11 20:23 - 2013-03-05 16:07 - 00073728 _____ () C:\Program Files\MBlaze UI\bin\zlib1.dll
2013-11-11 20:23 - 2013-03-05 16:07 - 00290904 _____ () C:\Program Files\MBlaze UI\bin\libxslt.dll
2013-11-11 20:23 - 2013-04-17 17:21 - 00013312 _____ () C:\Program Files\MBlaze UI\bin\zfSoundPlayLib.dll
2013-11-11 20:23 - 2013-04-17 17:21 - 00204800 _____ () C:\Program Files\MBlaze UI\bin\zfXCommWrapper.dll
2013-11-11 20:23 - 2013-04-17 17:21 - 00450560 _____ () C:\Program Files\MBlaze UI\bin\zfXComm.dll
2013-11-11 20:23 - 2013-04-17 17:21 - 00014336 _____ () C:\Program Files\MBlaze UI\bin\zfSerialPort.dll
2013-11-11 20:23 - 2013-04-17 17:21 - 00065536 _____ () C:\Program Files\MBlaze UI\bin\zfCustomization.dll
2013-11-11 20:23 - 2013-04-17 17:21 - 00102400 _____ () C:\Program Files\MBlaze UI\bin\zfWaveLib.dll
2013-11-11 20:23 - 2013-04-17 17:21 - 00040960 _____ () C:\Program Files\MBlaze UI\bin\zfRasWrapper.dll
2013-11-11 20:23 - 2013-04-17 17:21 - 00077824 _____ () C:\Program Files\MBlaze UI\bin\zfDeviceHW.dll
2015-06-23 20:30 - 2015-06-20 11:16 - 15003976 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll
2009-01-18 15:50 - 2009-01-18 15:50 - 00417792 _____ () C:\Program Files\Adobe\Reader 9.0\Reader\adobexmp.dll
2007-11-16 16:02 - 2007-11-16 16:02 - 00401408 ____R () C:\Program Files\Adobe\Reader 9.0\Reader\cryptocme2.dll
2007-11-16 16:02 - 2007-11-16 16:02 - 00479232 ____R () C:\Program Files\Adobe\Reader 9.0\Reader\ccme_base.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:553CA6CA
AlternateDataStreams: C:\Users\Suman\Downloads\FileShredder-Setup.exe:BDU
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1132745403-967859864-2404794970-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Suman\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 10.228.1.113 - 10.228.1.114
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{7700F22A-AB55-4E56-9BD2-920EEB0B5B69}] => (Allow) C:\Program Files\HP\QuickPlay\QP.exe
FirewallRules: [{82E81FD6-0BF0-40B5-90DC-C3FE1057E920}] => (Allow) C:\Program Files\HP\QuickPlay\QPService.exe
FirewallRules: [{AA560514-24E7-4379-8FC1-967BFE6C680F}] => (Allow) C:\Program Files\Cyberlink\PowerDirector\PDR.EXE
FirewallRules: [{13BF6F41-9332-4343-A0F2-661BA5615D82}] => (Allow) C:\Program Files\Netbooster Client\squid\ventcsquid.exe
FirewallRules: [{2FB891A3-568D-4D3C-B485-B506422B558E}] => (Allow) C:\Program Files\Netbooster Client\squid\ventcsquid.exe
FirewallRules: [{52FC4144-3E78-49AA-890F-7D381B9DBAF4}] => (Allow) C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
FirewallRules: [{2E9AD172-03B0-4244-85FA-F0F8D986E73B}] => (Allow) C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
FirewallRules: [{BF899599-DD3B-4EFD-BD1A-D554CD884695}] => (Allow) C:\Program Files\Netbooster Client\Configurator\ventcfg.exe
FirewallRules: [{DA773290-6907-49DD-A177-5C95F083E589}] => (Allow) C:\Program Files\Netbooster Client\Configurator\ventcfg.exe
FirewallRules: [{950A26AD-D11D-4953-ADF4-9A615B23DDE8}] => (Allow) C:\Program Files\Netbooster Client\Configurator\VClientUpdate.exe
FirewallRules: [{D6793CBC-51D8-452A-9314-3DE2699B9C4A}] => (Allow) C:\Program Files\Netbooster Client\Configurator\VClientUpdate.exe
FirewallRules: [{663EFE5C-AF1C-4F9F-AE20-E0494F91F7E5}] => (Allow) C:\Program Files\Netbooster Client\Client\VentC.exe
FirewallRules: [{C1094D1E-6AD2-4558-9C77-B15F956BA636}] => (Allow) C:\Program Files\Netbooster Client\Client\VentC.exe
FirewallRules: [{4D86D300-A912-463D-AAEC-0C7B485AC164}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{FA2A2466-6B29-439C-9CC8-E7B7FFA6C0C8}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{CBB5DF11-CBCB-4D32-A6A3-9969183E24DA}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{3BEE1AFA-359A-4AA1-B58A-16CFB120983A}C:\my games\demolition derby and figure 8 race\ddfr.exe] => (Block) C:\my games\demolition derby and figure 8 race\ddfr.exe
FirewallRules: [UDP Query User{5B3DF94D-049E-4CAA-9638-36485BCB7D0A}C:\my games\demolition derby and figure 8 race\ddfr.exe] => (Block) C:\my games\demolition derby and figure 8 race\ddfr.exe
FirewallRules: [TCP Query User{C1414095-A15D-4B34-8BB5-DAA3EFE04F3C}F:\utorrent.exe] => (Block) F:\utorrent.exe
FirewallRules: [UDP Query User{65112C9A-E212-4700-9D9B-608D5505CEB2}F:\utorrent.exe] => (Block) F:\utorrent.exe
FirewallRules: [TCP Query User{7A400702-F45A-4A01-96E4-7A8EC6D24C46}C:\users\suman\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\suman\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{23443734-AE66-4397-A985-7AA51EC30A7D}C:\users\suman\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\suman\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{7899AF33-D0E8-4025-9327-8ED6D978DC85}] => (Allow) LPort=80
FirewallRules: [{217E48E6-46E6-4ED7-B488-C5F26DEBC957}] => (Allow) LPort=80
FirewallRules: [{EFCEF231-5AFD-401B-BFFA-3096998170FF}] => (Allow) LPort=80
FirewallRules: [{7670F006-15C4-430E-A292-11C27038BF89}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{B6986579-5BF4-401B-B70B-0CEDF5F05751}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{E0FC2D5E-C0B6-4AE5-9DDC-24836A851C62}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{429D771B-8B04-4B3B-9940-B9E7BDBAEFF0}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [TCP Query User{88BECBA0-0C47-40F2-882D-7C2358099AC0}C:\program files\bittorrent\bittorrent.exe] => (Allow) C:\program files\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{098E674C-096B-4581-9C57-88C302418FFB}C:\program files\bittorrent\bittorrent.exe] => (Allow) C:\program files\bittorrent\bittorrent.exe
FirewallRules: [{5A673EF1-39B4-45AF-A692-36322E5C041C}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{617192E2-7E43-483E-B9CA-C788D1AD6702}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{24DCF738-4C8A-48DA-B294-13D172523C3E}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{88637745-4524-4424-ACC6-74041A62B3D9}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{686EAF90-32B1-4FC6-9014-B9457F043B93}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{CC6805BD-62D6-4D40-A866-1B7E1F87F286}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [TCP Query User{C0E818F8-A137-47D0-B3BA-10D6C12C8DE4}C:\program files\bittorrent\bittorrent.exe] => (Block) C:\program files\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{8F8E6B96-C55C-441C-8270-D5EAAA5BA730}C:\program files\bittorrent\bittorrent.exe] => (Block) C:\program files\bittorrent\bittorrent.exe
FirewallRules: [TCP Query User{019E1730-BB17-41E7-BE08-AD5A335902F0}C:\program files\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [UDP Query User{065BD001-51AD-49BC-80F8-5FB320FCAA41}C:\program files\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [{A8B457BA-5086-40C9-BB85-8461512BE199}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{86F11AA8-D7AD-4977-AE1D-BB54E6599628}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{D1C870E6-9609-48BD-BEF1-F364C3AADE92}] => (Allow) C:\Program Files\AVG\AVG2012\avgnsx.exe
FirewallRules: [{76A1C6C0-0538-44F4-B39F-C515E06C04A9}] => (Allow) C:\Program Files\AVG\AVG2012\avgnsx.exe
FirewallRules: [{2A6BBBFC-5F7A-4156-A558-559935461887}] => (Allow) C:\Program Files\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{622FD96C-93D7-445E-853D-91A17AE5623E}] => (Allow) C:\Program Files\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{A63574C0-08D7-4D5A-A032-8D10DB683515}] => (Allow) C:\Program Files\AVG\AVG2012\avgemcx.exe
FirewallRules: [{22092D18-90D4-49FF-9800-26C730DA16F1}] => (Allow) C:\Program Files\AVG\AVG2012\avgemcx.exe
FirewallRules: [{850CFD2D-2E7E-4EBF-9F8B-8A137451B3DD}] => (Allow) C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe
FirewallRules: [{DDADF617-75CC-45BB-942F-4B84677E0379}] => (Allow) C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe
FirewallRules: [{CF78A164-2CD9-40D7-BF65-5F8EA930F815}] => (Allow) C:\Users\Suman\AppData\Local\Torch\Plugins\Torrent\TorchTorrent.exe
FirewallRules: [{81E25534-105B-4F62-A0DC-B14E8733CCD9}] => (Allow) C:\Program Files\BitTorrent\BitTorrent.exe
FirewallRules: [{7D36939F-07F9-4E0A-BE10-145E2EF1B0DF}] => (Allow) C:\Program Files\BitTorrent\BitTorrent.exe
FirewallRules: [{FF53926A-A72A-4FCA-9F45-32981D5CD68A}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{CBC1BBC5-3336-4DA3-BDB8-9EA8F8A374C2}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{723AE027-E03F-4727-A4EB-0C9433C45168}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{D46F563B-A9DD-47E0-9BAB-1ED53CC48BA6}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{A8DCF34E-5EC2-4993-8055-5503C3518E38}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{315D34D7-1EE8-40F9-9BDB-E02E849B0C38}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{576F10C0-2073-4A38-9D9C-CDA80D7B5C46}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{1A979F18-5982-4D39-89BB-DC5D2616CA81}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{246E3D73-6144-42A3-9B1A-5DD666984124}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{0136F1BA-6C1B-4F9C-A454-C05CAE1D52A5}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{8B47DFE2-7A57-4DC6-9807-5D13119EA997}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{C8852261-36A4-49B1-B560-CF83A39BD6BA}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{FC36E0F1-3CAE-4DF3-B2B6-0F6847B8B4BE}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{3504E951-3F5B-49D1-A358-A4733E981BE2}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{DBEC6DB9-A21A-42E8-9412-4281F7B43E59}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{F6D7B863-7AC1-4727-8BD0-605D76397DA5}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{05BF3C90-31D7-4FC3-9A77-C5AC75D0AB42}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
 
==================== Faulty Device Manager Devices =============
 
Name: isatap.{274FCA83-5679-47C3-B466-F4A0514C2FE9}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/12/2015 12:58:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/11/2015 05:53:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/11/2015 05:04:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/11/2015 01:39:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/11/2015 01:33:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/11/2015 01:25:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/10/2015 08:49:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/10/2015 08:00:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2015 08:34:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2015 07:58:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (07/12/2015 01:13:33 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (07/12/2015 01:13:29 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (07/12/2015 12:58:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: vToolbarUpdater18.5.0%%2
 
Error: (07/12/2015 12:58:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (07/12/2015 12:36:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x80070490Security Update for Windows Vista (KB3045171){7A72F0A8-BFA5-4E00-8575-20B491AE3446}201
 
Error: (07/12/2015 12:36:50 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update 3045171-15_neutral_GDR from package KB3045171(Security Update) into Staged(Staged) state
 
Error: (07/12/2015 12:36:50 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update 3045171-14_neutral_LDR from package KB3045171(Security Update) into Staged(Staged) state
 
Error: (07/12/2015 12:36:50 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update Trigger_1 from package KB3045171(Security Update) into Staged(Staged) state
 
Error: (07/12/2015 12:36:50 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB3045171 (Security Update) into Install Requested(Install Requested) state
 
Error: (07/12/2015 12:36:50 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update 3045171-12_neutral_GDR from package KB3045171(Security Update) into Staged(Staged) state
 
 
Microsoft Office:
=========================
Error: (03/06/2012 06:33:22 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (08/26/2009 12:12:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (08/04/2009 11:14:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 22 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (08/04/2009 11:14:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 8 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (08/04/2009 11:14:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (07/18/2009 02:50:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (05/22/2009 02:47:45 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1452 seconds with 360 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-07-12 13:29:47.489
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-12 13:29:46.432
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-12 13:29:45.589
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-12 13:29:44.509
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-12 13:26:31.947
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-12 13:26:30.502
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-12 13:26:29.445
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-12 13:26:27.162
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-12 13:26:24.659
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-12 13:26:23.660
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® Dual CPU T3200 @ 2.00GHz
Percentage of memory in use: 80%
Total physical RAM: 2010.21 MB
Available physical RAM: 397.05 MB
Total Virtual: 4257.65 MB
Available Virtual: 1763.1 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:223.7 GB) (Free:70.18 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (PRESARIO_RP) (Fixed) (Total:9.18 GB) (Free:1.67 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: A70CA1E0)
Partition 1: (Active) - (Size=223.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9.2 GB) - (Type=07 NTFS)
 
==================== End of log ============================


#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:30 PM

Posted 14 July 2015 - 09:21 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Did you install this program from Miva Merchant?
Startup: C:\Users\Suman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\y.lnk
ShortcutTarget: y.lnk -> C:\Users\Suman\AppData\Roaming\obrvaquzdt.exe (Miva Merchant)


If not, please add these 4 lines in bold to the Fixlist.txt file before running the fix.
Make sure you save the file before running the fix.

Startup: C:\Users\Suman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\y.lnk
ShortcutTarget: y.lnk -> C:\Users\Suman\AppData\Roaming\obrvaquzdt.exe
C:\Users\Suman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\y.lnk
C:\Users\Suman\AppData\Roaming\obrvaquzdt.exe
-----

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.


start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-1132745403-967859864-2404794970-1003\...\InprocServer32: [Default-pngfilt]  <==== ATTENTION!
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1132745403-967859864-2404794970-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1132745403-967859864-2404794970-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKU\S-1-5-21-1132745403-967859864-2404794970-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-1132745403-967859864-2404794970-1003 -> {DD3972E8-78A0-4031-A5FE-FCBA2EC1CCEB} URL = http://search.avg.com/route/?d=4b04f6ef&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
Toolbar: HKU\S-1-5-21-1132745403-967859864-2404794970-1003 -> No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
U2 vToolbarUpdater18.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [X]
U4 Bcgp30at; No ImagePath
S3 catchme; \??\C:\Users\Suman\AppData\Local\Temp\catchme.sys [X]
U1 eabfiltr; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

How is the computer running now?

#5 sumi1


Posted 16 July 2015 - 04:02 AM

Hi Nasdaq,

 

I was able to remove the virus using Kaspersky virus removal tool.

Thanks for replying.



#6 nasdaq


Posted 16 July 2015 - 07:35 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

#7 nasdaq


Posted 16 July 2015 - 10:16 AM

This topic has been re-opened at the request of the person who originally posted.

#8 nasdaq


Posted 22 July 2015 - 07:27 AM

No response. The topic will be closed again.

#9 nasdaq


Posted 22 July 2015 - 07:27 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



